Marcos

ELC generates a zip file so you don't have to zip it again. If it's too big, upload it to OneDrive, DropBox, etc. and provide a download link.

@dontdrama Please gather logs with ELC and provide the generated zip archive.

To start off, how do you know that your computer is infected? After you've installed ESET and modules were updated to the latest version, did ESET detect some malware but was unable to clean it?

The malware was removed so the website will be unblocked momentarily. Next time please follow the instructions at https://support.eset.com/kb141.

Unfortunately you didn't mention what version of EAV for Linux you use. Are you having this issue with the latest version 4.0.90?

Please follow my advice above. Only the seller should know the exact reason of cancellation.

If the license was canceled, please contact the distributor or seller from whom you purchased it.

For cleaning Powershell malware that is either not recognized or not possible to clean by a product for whatever reason, we have a standalone tool that can be used with the assistance of customer care. The malware cleaning service is provided to users with a paid license.

Please post a screen shot of how ESET detects the malware. Also providing relevant details from the Detected threats log would help.

That is correct. Startup scan tasks can be disabled in Scheduler, however, we don't recommend that. As a result, if you had a new malware running in memory and ESET would update modules to recognize it, it might not be recognized until a computer restart. Pausing protection has no effect on startup scans, AMS, etc. It simply pauses real-time protection, web and email protection, document protection, etc.

1, If you mean patch management, we don't offer currently any such products. 2, ESET has had advanced heuristics for ages (for almost 20 years if I remember correctly) which runs scanned files in a virtual environment. This enables generation of so-called DNA genes and extraction of various metadata that subsequently serve to create (X)DNA detections which are basically "descriptions" of the malicious operations the file performs and enables ESET to proactively detect a lot malware initially missed by other on-demand/on-access competitive scanners. 3, The Ransomware shield has been in consumer products since v9. What you mean is a basic protection of folders in which only authorized processes (Office applications) can modify files. There are many such applications made for this purpose and Microsoft also provides such a feature. You can achieve this with simple HIPS rules as well. However, this kind of protection is not effective against malware injected in Office processes or script malware that is run by Office applications. The Ransomware shield provides advanced protection and takes into account many aspects, including cloud information, monitoring running processes for suspicious ransowmare-like behavior, etc.

It's another protection layer. While AMS scans process memory upon execution, the startup scan (available as tasks in scheduler) scans files registered in startup locations and memory after each module update and user's logon.

The problem has turned out to be at Microsoft's part. If we have information when Microsoft is going to address this, we'll let you know.

Since incorrect and misleading information were provided by the OP and "A" vs "B" discussions are not permitted by forum rules (https://forum.eset.com/topic/76-rules-of-the-eset-security-forum/), we'll draw this topic to a close. For instance, the statement " Eset have 2-4 bases update to 94 or 100 viruses" is completely incorrect because we cover dozens of thousands of newly emerging threats on a daily basis which is far from what the OP wrote. Needless to say that most AVs, including the one mentioned by the OP, often add detections after ESET, at least in terms of on-demand/on-access detection.

Maybe this is the reason: "Entry" = "A corruption was discovered in the file system structure on volume E:. The exact nature of the corruption is unknown. The file system structures need to be scanned online. " 11/05/2018 10:07:12 ; The system temp/tmp variables point to e:\temp. Replace disk e: with a new 100% working hdd/sdd or at least try pointing the system temp/tmp variables to c:\windows\temp and carry out a full reboot (e.g. by running "shutdown -r -t 0"). Also run a scan with HD Tune Error Scan on drives e:, s: and t:

The user can create a mirror on a computer with Internet connection and point the client to update from it. For more information, refer to https://support.eset.com/kb3641/.

Not sure what blue ESET window you mean so please post a screen shot for clarification. As far as I know, there is no blue window shown by ESET. Also let us know what ESET product and version you use and what is your version of Windows.

Please provide ELC logs to start off. If you are using Windows 10 Insider Preview build 17704 or newer, this is expected since it's not fully supported yet (will be soon).

1, Taking into account only basic modules that are released with each update (ie. the engine, the rapid response module and the antispam module), the last update was 14,305 + 46,450 + 21,898 bytes, ie. ~83 kB in total. It depends also on other modules that are released at times and also on how many updates a particular client has missed. 2, There are 6 updates during work days, 4 during weekends. 3, If you use an http proxy to cache update files, only the necessary files needed by clients will be downloaded. In an ideal case, with an http proxy in use clients would download ~500 kB + some data for LiveGrid per day in total. 4, I don't understand this question, please elaborate. The recommended configuration are default settings.

You have some old v4.2 drivers running with EES 6.6. How did you upgrade to v6.6? Did you reboot the machine? Was v4.2 previously installed in the default or a custom folder, e.g. on other then the c: drive? I'd suggest uninstalling EES and installing it from scratch. Should the problem persist, after uninstalling EES also run the Uninstall tool in safe mode prior to installing EES from scratch.

Does temporarily disabling the firewall make a difference? Did you mark the detected network as home/office trusted network upon detection?

This forum is rather meant for sharing knowledge and does not substitute contacting customer care. Reports here cannot be tracked and also tackling certain issues may require several iterations with developers during which various logs or dumps may be requested.

Please contact your local customer care to troubleshoot the issue. However, the fact that EP6.3 can update indicates that you have downloaded files for EP6-EP6.5, not for EP6.6 which uses a different format of update files. If you use both older versions of Endpoint and EP6.6, you'll need to create 2 mirrors.

If it's locked because you marked it as missing in the Anti-Theft portal, simply unmark it there.

Try the following: - disable SSL/TLS filtering - reboot the system - without launching any browser, re-enable SSL/TLS filtering